Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/yXYSqC-lOPbvZ1XHc1W0PHxuU68.roa
File: yXYSqC-lOPbvZ1XHc1W0PHxuU68.roa (raw, json)
Hash identifier: LMgY1D+3iFRcR9lEW7J5jgeJxt2maDsaIPOffxF1+jE=
Subject key identifier: C9:76:12:A8:2F:A5:38:F6:EF:67:55:C7:73:55:B4:3C:7C:6E:53:AF
Certificate issuer: /CN=06039e71cb715204a83cc253822dc29a62c799e6
Certificate serial: 018AA71E0F47C2F52D14CCD221890658DB9D
Authority key identifier: 06:03:9E:71:CB:71:52:04:A8:3C:C2:53:82:2D:C2:9A:62:C7:99:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BgOecctxUgSoPMJTgi3CmmLHmeY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/yXYSqC-lOPbvZ1XHc1W0PHxuU68.roa
Signing time: Mon 18 Sep 2023 07:07:59 +0000
ROA not before: Mon 18 Sep 2023 07:07:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197120
IP address blocks: 193.160.228.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:1e:0f:47:c2:f5:2d:14:cc:d2:21:89:06:58:db:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06039e71cb715204a83cc253822dc29a62c799e6
Validity
Not Before: Sep 18 07:07:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c97612a82fa538f6ef6755c77355b43c7c6e53af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:02:b1:34:6d:af:b6:1b:d9:b0:fb:ce:20:a1:
c3:09:20:ff:c2:d6:36:02:b8:d6:52:ac:6c:3f:77:
59:d1:b1:3a:b2:c3:7b:fd:bf:c7:7c:2f:4b:9f:df:
c2:d9:20:b3:99:ca:a2:d6:88:1c:41:0a:08:c0:f0:
0f:e5:8b:b1:14:85:6e:81:a8:f4:61:49:b4:f3:cf:
42:9b:25:fb:56:8f:3c:8a:2f:b2:5a:db:ee:45:7f:
1d:7a:ba:d7:a5:98:e0:e9:da:10:6d:e1:ea:18:01:
f7:97:a5:45:cf:2e:7c:fe:23:89:f9:c4:74:27:01:
0c:08:26:81:91:fa:37:c8:8d:c2:d4:3e:4d:05:71:
1c:d1:5b:43:07:b6:0c:e7:69:01:b7:45:70:b0:f2:
98:c9:56:7e:a0:3b:da:7c:2f:d2:0f:f0:4c:db:27:
b1:10:f9:5d:91:e3:2a:a3:87:9f:93:e6:20:63:9e:
03:08:90:57:72:55:fe:68:cf:c0:ca:d9:3d:8c:41:
95:52:65:f0:48:57:2a:eb:cc:90:cf:6f:0c:e8:58:
73:f5:50:ef:61:50:cf:06:4d:c5:f3:0d:ad:c9:5c:
a7:f3:14:fa:e7:3a:bd:86:42:fa:b4:ff:52:16:e4:
f0:a9:92:3a:9a:fe:92:48:13:7a:1e:d3:49:4e:97:
e5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:76:12:A8:2F:A5:38:F6:EF:67:55:C7:73:55:B4:3C:7C:6E:53:AF
X509v3 Authority Key Identifier:
keyid:06:03:9E:71:CB:71:52:04:A8:3C:C2:53:82:2D:C2:9A:62:C7:99:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgOecctxUgSoPMJTgi3CmmLHmeY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/yXYSqC-lOPbvZ1XHc1W0PHxuU68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/e62879-2c69-40c3-b116-0e46875d45fd/1/BgOecctxUgSoPMJTgi3CmmLHmeY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.228.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:da:9a:d0:af:c6:ae:25:0f:cc:ed:f3:22:12:eb:39:f9:f5:
e6:45:0c:29:e0:74:24:2d:bd:46:2c:ac:4a:c5:7a:39:57:e0:
4e:d2:5f:52:f9:d9:d2:5b:43:ea:23:c3:63:5f:d7:3b:4d:cf:
56:ca:b9:9f:7f:9c:a8:7b:3e:21:be:8a:4d:1b:11:73:e4:f7:
02:8a:e0:8e:07:51:f3:c7:13:5e:3c:a3:be:fc:f5:be:25:7e:
ee:78:59:6b:39:ef:75:e9:94:38:a7:e2:5f:11:fa:8e:0b:d3:
0f:b5:b8:0b:c2:e6:a9:38:95:09:9c:9a:0b:6e:65:af:eb:9c:
a9:9b:fe:1c:6b:8a:cd:d3:2a:99:0c:fc:e9:ef:87:60:c9:54:
4a:93:88:a4:7e:88:9c:63:5a:91:93:3c:92:d4:c0:c7:1a:c5:
c8:64:67:dd:3e:d3:fd:92:10:ed:bc:88:00:ea:d0:18:bb:38:
fd:57:32:98:84:49:1c:aa:ca:97:c8:48:c5:5c:e2:21:d8:81:
23:71:5d:24:0f:a9:b2:7c:a3:11:41:5b:09:90:1f:06:4c:a9:
e3:22:ae:6b:07:82:96:eb:4a:e4:6f:16:d4:94:ca:fd:33:5a:
93:07:44:9c:55:a9:9c:c9:2f:35:86:ab:63:8d:23:48:d7:fa:
cb:c5:4e:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqnHg9HwvUtFMzSIYkGWNudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDM5ZTcxY2I3MTUyMDRhODNjYzI1MzgyMmRjMjlhNjJj
Nzk5ZTYwHhcNMjMwOTE4MDcwNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTc2MTJhODJmYTUzOGY2ZWY2NzU1Yzc3MzU1YjQzYzdjNmU1M2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgKxNG2vthvZsPvOIKHDCSD/wtY2
ArjWUqxsP3dZ0bE6ssN7/b/HfC9Ln9/C2SCzmcqi1ogcQQoIwPAP5YuxFIVugaj0
YUm0889CmyX7Vo88ii+yWtvuRX8derrXpZjg6doQbeHqGAH3l6VFzy58/iOJ+cR0
JwEMCCaBkfo3yI3C1D5NBXEc0VtDB7YM52kBt0VwsPKYyVZ+oDvafC/SD/BM2yex
EPldkeMqo4efk+YgY54DCJBXclX+aM/Aytk9jEGVUmXwSFcq68yQz28M6Fhz9VDv
YVDPBk3F8w2tyVyn8xT65zq9hkL6tP9SFuTwqZI6mv6SSBN6HtNJTpfl8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMl2EqgvpTj272dVx3NVtDx8blOvMB8GA1UdIwQY
MBaAFAYDnnHLcVIEqDzCU4Itwppix5nmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdPZWNjdHhVZ1NvUE1KVGdpM0NtbUxIbWVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9lNjI4NzktMmM2OS00MGMzLWIxMTYt
MGU0Njg3NWQ0NWZkLzEveVhZU3FDLWxPUGJ2WjFYSGMxVzBQSHh1VTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9lNjI4NzktMmM2OS00MGMzLWIxMTYtMGU0Njg3NWQ0NWZk
LzEvQmdPZWNjdHhVZ1NvUE1KVGdpM0NtbUxIbWVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwaDkMA0G
CSqGSIb3DQEBCwUAA4IBAQCL2prQr8auJQ/M7fMiEus5+fXmRQwp4HQkLb1GLKxK
xXo5V+BO0l9S+dnSW0PqI8NjX9c7Tc9Wyrmff5yoez4hvopNGxFz5PcCiuCOB1Hz
xxNePKO+/PW+JX7ueFlrOe916ZQ4p+JfEfqOC9MPtbgLwuapOJUJnJoLbmWv65yp
m/4ca4rN0yqZDPzp74dgyVRKk4ikfoicY1qRkzyS1MDHGsXIZGfdPtP9khDtvIgA
6tAYuzj9VzKYhEkcqsqXyEjFXOIh2IEjcV0kD6myfKMRQVsJkB8GTKnjIq5rB4KW
60rkbxbUlMr9M1qTB0ScVamcyS81hqtjjSNI1/rLxU5w
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:11 2025 by rpki-client